Amendments to the Claims: 

This listing of claims will replace all prior versions and listings of claims in the 
application: 

Listing of Claims: 

1. (Currently Amended) A system for controlling an application process comprising: 

first computer means associated with a secured computing environment, the first 
computer means for recognizing a request for access bv a client computer to resources of the 
secured computing environment, the client computer being remote from the secured computing 
environment and for providing to the client computer an injector to be stored on a first 
computing dovico the client computer, the injector operable to inject redirect code into a memory 
space used by an executing the application process executing on the client computer, the 
application process for communicating with the resources of the secured computing environment 
for which access is requested : 

redirect code placed by tho injector in a memory of tho first computing dovico; and 
a library of redirect functions operable to be referenced by the redirect code during 
execution of the application process, wherein the redirect code is operable to (i) intercept at least 
one function call made by the application process to access secured dat a at a remote computer 
svstem associated with the resources of the secured computing environment for which access is 
requested , and (ii) execute at least one of the redirect functions in place of the at least one 
intercepted function call so as to enable the application process, executing at the first computing 
device, to access the secured data at tho remote computer system . 

2. (Cancelled) 

3. (Previously Presented) The system, as set forth in claim I, wherein the at least one function call 
comprises a socket function call. 

4. (Original) The system, as set forth in claim 1, wherein the library of redirect functions 
comprises a dynamic link library. 

5. (Currently Amended) The system, as set forth in claim 1, further comprising: 

a secure environment having a plurality of resources; 

the first computer means comprises a firewall securing all access to the p l urality of 
resources in the secure secured computing environment; and 
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the first computer means is further for pushing an access policy pushod to the fifst 
computing dovico executing the application procoss client computer , the access policy identifying 
the resources authorized for access by the first computing device client computer . 

6 (Currently Amended) The system, as set forth in claim 5, wherein the application process 
comprises an application operable to communicate with the secure secured computing 
environment resources using an Internet transport protocol, the redirect code, and the redirect 
functions. 

7. (Original) The system, as set forth in claim I, wherein the application process comprises an 
email application. 

8 (Original) The system, as set forth in claim I . wherein the application process comprises a web 
browser application. 

9. (Original) The system, as set forth in claim 1, wherein the application process comprises a file 
transfer application. 

10. (Currently Amended) A method for controlling an application process comprising: 

pushing , from first computer means associated with a secured computing environment, an 
injector to a first computing device remote from the secured computing environment and enabled 
to execute the application process , said pushing being responsive to a request for access bv the 
first computing device to a resource of the secured computing environment : 

at the first computing device, starting an execution of the application process , the 
application process for communicating with the resource of the secured computing 
environment. ! | :}| interrupting the execution of the application proccss a ( | ;| ) injecting, via the 
injector, a redirect code into a memory space of the first computing device used bv the 
application process . and MVl l executing the redirect code in the application process to reference a 
redirect library of redirect functions so that upon resuming the execution of the application 
process, the redirect code is operable to (i) intercept at least one function call made by the 
application process to access secured data at a remote computer system the resource of the 
secured computing environment for which access is reouested. and (ii) execute at least one 
redirect function in place of the at least one function call so as to enable the application process, 
executing on the first computing device, to access the secured data at the remote computer 
system. 
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II. (Cancelled) 



12. (Currently Amended) The method, as set forth in claim 10, wherein starting and interrupting 
the execution of the application process comprises starting the execution of the application 
process using a debug option, and catching an exception thrown by the application process; and 
wherein injecting the redirect code comprises locating memory space m used by the application 
process ; injecting the redirect code into the memory space ef used bv the application process, and 
setting an instruction pointer to the redirect code. 

13. (Previously Presented) The method, as set forth in claim 10, wherein starting and interrupting 
the execution of the application process comprises starting the execution of the application 
process using a suspend option; and wherein injecting the redirect code comprises creating 
memory space in the application process, injecting the redirect code into the memory space of the 
application process, and setting an instruction pointer to the redirect code. 

14. (Previously Presented) The method, as set forth in claim 10, wherein starting and interrupting 
the execution of the application process comprises starting the execution of the application 
process using a suspend option; and wherein injecting the redirect code comprises creating 
memory space in the application process, injecting the redirect code into the memory space of the 
application process, and using a create remote thread function to execute the redirect code. 

15. (Original) The method, as set forth in claim 10, wherein executing the redirect code 
comprises; 

loading the redirect library of redirect functions; 

determining a location of an import table replacement function in the redirect library; and 
executing the import table replacement function. 

16. (Original) The method, as set forth in claim 15, wherein loading the redirect library of redirect 
functions comprises loading adynamic link library. 

17. (Previously Presented) The rnediod, as set forth in claim 15, wherein executing the import 
table replacement function comprises: 

searching an import table of the application process for the at least one function call: and 
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modifying the at least one Amotion call to reference one or more redirect functions in the 
redirect library. 

18. (Previously Presented) The method, as set forth in claim 15, wherein executing the import 
table replacement function comprises: 

searching dynamic link libraries of the application process for the at least one function 
call; and 

modifying the at least one function call to reference one or more redirect functions in the 
redirect library. 

19. (Currently Amended) The method, as set forth in claim 10 ? further comprising: 

at the first computer means: 

receiving user information; 
authenticating the user information; and 

pushing an access policy to the first computing device, wherein the access policy 
specifies resources accessible by a user associated with the user information 

20. (Previously Presented) The method, as set forth in claim 19, wherein intercepting the at least 
one function call comprises intercepting at least one socket function call. 

2 1 . (Currently Amended) The method, as set forth in claim 19, wherein the first computer means 
comprises a firewall and further comprising executing redirect functions to enable a secured 
access bv the first computing device to a plurality of resources of the secured computing 
environment via 8 the firewall. 

22 - 33. (Cancelled) 
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